The way we connect at work has changed. For one thing, “the workplace” is no longer confined to the office, which means that instead of relying on a corporate network, employees are using the Internet to do their jobs. While this has been a game-changer for enabling productivity, this internet addiction also exposes you to a host of internet-based threats.
Internet threats such as phishing are among the most common methods attackers use to compromise your organization’s security, and Internet addiction provides them with countless attack vectors and opportunities to compromise your business.
As you enjoy the increased productivity that comes with using the Internet as your default corporate network, you need to remain vigilant against these Internet-based threats.
Common Internet Threats You Should Be Aware Of
Because everything is so interconnected these days, Internet-based threats don’t live in isolation either. As you will see below, they are closely related to each other as a broader spectrum of risks from the web.
Social engineering
Social engineering is the classic approach to phishing, where the attacker takes a personal approach. They use details about you or your location that make them look like a real person to trick you into giving important information. This primarily occurred in the context of business email compromises (BEC), but has since evolved to include modern devices such as smartphones and tablets.
Attackers usually do some sort of research on their intended victim and create a fake story to gain their trust. The pernicious part of social engineering attacks is that attackers can end their interaction without arousing suspicion, leaving victims with no idea that their security has been compromised.
When the Pegasus spyware was first discovered, it was because a reporter received a link from an anonymous “source” who claimed to have information about a specific story the reporter was working on. Another common social engineering scheme often pops up during tax season, with attackers pretending to be accountants or IRS employees and tricking people into sharing their financial information.
Spoofing and DNS Spoofing
Spoofing and DNS spoofing are like an enhanced version of social engineering, and even knowledgeable users can fall for these tricks. Attackers who use these tactics create real-looking websites where users then enter their real login credentials. Once attackers have these credentials, they can access sensitive data and the site can even install malware.
A version of this is spoofing, in which attackers create a fake URL very close to the URL of the original site. Unless users have a very keen eye, a subtle difference in the URL is easy to miss, and is even harder on a mobile device.
In DNS spoofing, attackers modify DNS records to redirect traffic to a fake copycat website. Since the user is trying to access a genuine URL, they often have no reason to suspect that their destination is not legitimate.
Compromised account
If users fall prey to phishing techniques, one of the main consequences can be account compromise. This is when attackers gain access to online accounts with the intention of stealing sensitive data.
This happens in different ways. Maybe your information has already been leaked in a data breach or your password was just weak. Or it could have happened because you fell for a phishing scam.
If even a single employee is the victim of an account compromise, it can have far-reaching effects on your organization. Earlier this year, cloud communications company Twilio reported that attackers had hacked into their system using employee credentials obtained through a phishing attack. After this breach, attackers were able to target users of the Signal encrypted messaging app, which is a Twilio customer.
Malware Delivery
Another pernicious threat that lurks when users browse the internet is malware. Malware is often distributed via phishing tactics, and once a device has been infected, it can steal sensitive data, monitor users, and even infect other devices. Ransomware, which is a form of malware that encrypts files that can only be decrypted if you pay attackers a ransom, is also on the rise.
It has become even easier for attackers to spread malware thanks to the growth of malware as a service. These kits are inexpensive to obtain and easy to install. And because attackers often reuse pieces of old malware to create new malware, this is an ever-evolving threat.
How to Stay Aware of Internet Threats
There are many ways to use the Internet because your corporate network can make you vulnerable, but it is possible to stay safe.
Look for a solution that provides DNS-layer security, which continuously monitors the Internet for potentially malicious sites and blocks them before users encounter malicious content. Incoming and outgoing traffic inspection is also essential, as it allows you to see when malware is being downloaded and prevents data leaks to the public internet.
In the past, you may have turned to an on-premises Secure Web Gateway (SWG) to solve these problems, but with employees working from everywhere, that’s no longer the best solution. Instead of pinning down traffic with an on-premises tool, look for a cloud-delivered solution as part of a broader security platform (SSE) that will help you optimize performance and security, wherever find your users. One that has a unified policy regarding data leakage, unauthorized web applications, and acceptable use.
Cloud-native Lookout SWG offers advanced data protection features that prevent unauthorized data exfiltration, compares traffic against comprehensive threat lists to identify potential threats, and integrates with malware detection from zero-day type. While allowing your employees to do their best work from anywhere
*** This is a syndicated Lookout Blogs Security Bloggers Network blog written by Lookout Blogs. Read the original post at: https://resources2.lookout.com/blog/internet-based-threats
#Internet #threats #putting #organization #risk